---
page_title: "cloudflare_device_posture_rule Resource - Cloudflare"
subcategory: ""
description: |-
  Provides a Cloudflare Device Posture Rule resource. Device posture rules configure security policies for device posture checks.
---

# cloudflare_device_posture_rule (Resource)

Provides a Cloudflare Device Posture Rule resource. Device posture rules configure security policies for device posture checks.

## Example Usage

```terraform
resource "cloudflare_device_posture_rule" "eaxmple" {
  account_id  = "f037e56e89293a057740de681ac9abbe"
  name        = "Corporate devices posture rule"
  type        = "os_version"
  description = "Device posture rule for corporate devices."
  schedule    = "24h"
  expiration  = "24h"

  match {
    platform = "linux"
  }

  input {
    id                 = cloudflare_teams_list.corporate_devices.id
    version            = "1.0.0"
    operator           = "<"
    os_distro_name     = "ubuntu"
    os_distro_revision = "1.0.0"
  }
}
```
<!-- schema generated by tfplugindocs -->
## Schema

### Required

- `account_id` (String) The account identifier to target for the resource.
- `type` (String) The device posture rule type. Available values: `serial_number`, `file`, `application`, `gateway`, `warp`, `domain_joined`, `os_version`, `disk_encryption`, `firewall`, `client_certificate`, `workspace_one`, `unique_client_id`, `crowdstrike_s2s`, `sentinelone`, `kolide`, `tanium_s2s`, `intune`, `sentinelone_s2s`.

### Optional

- `description` (String)
- `expiration` (String) Expire posture results after the specified amount of time. Must be in the format `1h` or `30m`. Valid units are `h` and `m`.
- `input` (Block List) Required for all rule types except `warp`, `gateway`, and `tanium`. (see [below for nested schema](#nestedblock--input))
- `match` (Block List) The conditions that the client must match to run the rule. (see [below for nested schema](#nestedblock--match))
- `name` (String) Name of the device posture rule.
- `schedule` (String) Tells the client when to run the device posture check. Must be in the format `1h` or `30m`. Valid units are `h` and `m`.

### Read-Only

- `id` (String) The ID of this resource.

<a id="nestedblock--input"></a>
### Nested Schema for `input`

Optional:

- `active_threats` (Number) The number of active threats from SentinelOne.
- `certificate_id` (String) The UUID of a Cloudflare managed certificate.
- `check_disks` (Set of String) Specific volume(s) to check for encryption.
- `cn` (String) The common name for a certificate.
- `compliance_status` (String) The workspace one device compliance status. Available values: `compliant`, `noncompliant`.
- `connection_id` (String) The workspace one connection id.
- `count_operator` (String) The count comparison operator for kolide. Available values: `>`, `>=`, `<`, `<=`, `==`.
- `domain` (String) The domain that the client must join.
- `eid_last_seen` (String) The datetime a device last seen in RFC 3339 format from Tanium.
- `enabled` (Boolean) True if the firewall must be enabled.
- `exists` (Boolean) Checks if the file should exist.
- `id` (String) The Teams List id. Required for `serial_number` and `unique_client_id` rule types.
- `infected` (Boolean) True if SentinelOne device is infected.
- `is_active` (Boolean) True if SentinelOne device is active.
- `issue_count` (String) The number of issues for kolide.
- `network_status` (String) The network status from SentinelOne. Available values: `connected`, `disconnected`, `disconnecting`, `connecting`.
- `operator` (String) The version comparison operator. Available values: `>`, `>=`, `<`, `<=`, `==`.
- `os` (String) OS signal score from Crowdstrike. Value must be between 1 and 100.
- `os_distro_name` (String) The operating system excluding version information.
- `os_distro_revision` (String) The operating system version excluding OS name information or release name.
- `overall` (String) Overall ZTA score from Crowdstrike. Value must be between 1 and 100.
- `path` (String) The path to the file.
- `require_all` (Boolean) True if all drives must be encrypted.
- `risk_level` (String) The risk level from Tanium. Available values: `low`, `medium`, `high`, `critical`.
- `running` (Boolean) Checks if the application should be running.
- `sensor_config` (String) Sensor signal score from Crowdstrike. Value must be between 1 and 100.
- `sha256` (String) The sha256 hash of the file.
- `thumbprint` (String) The thumbprint of the file certificate.
- `total_score` (Number) The total score from Tanium.
- `version` (String) The operating system semantic version.
- `version_operator` (String) The version comparison operator for crowdstrike. Available values: `>`, `>=`, `<`, `<=`, `==`.


<a id="nestedblock--match"></a>
### Nested Schema for `match`

Optional:

- `platform` (String) The platform of the device. Available values: `windows`, `mac`, `linux`, `android`, `ios`, `chromeos`.

## Import

Import is supported using the following syntax:

```shell
$ terraform import cloudflare_device_posture_rule.example <account_id>/<device_posture_rule_id>
```
